125 lines
3.5 KiB
Diff
125 lines
3.5 KiB
Diff
From 81a33ea5e1b86d586b956e893a5b25c4cd41c969 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de>
|
|
Date: Sat, 26 Jun 2021 18:02:47 +0200
|
|
Subject: [PATCH] core: Fix use-after-free issue in test
|
|
|
|
* tests/gpg/t-edit-sign.c (sign_key, verify_key_signature): New.
|
|
(main): Factored out signing and verifying the result.
|
|
--
|
|
|
|
Factoring the two steps of the test into different functions fixes the
|
|
use-after-free issue that was caused by accidentaly using a variable
|
|
of the first step in the second step.
|
|
|
|
GnuPG-bug-id: 5509
|
|
---
|
|
tests/gpg/t-edit-sign.c | 54 ++++++++++++++++++++++++++++-------------
|
|
1 file changed, 37 insertions(+), 17 deletions(-)
|
|
|
|
diff --git a/tests/gpg/t-edit-sign.c b/tests/gpg/t-edit-sign.c
|
|
index 2f983622..e0494c54 100644
|
|
--- a/tests/gpg/t-edit-sign.c
|
|
+++ b/tests/gpg/t-edit-sign.c
|
|
@@ -107,31 +107,19 @@ interact_fnc (void *opaque, const char *status, const char *args, int fd)
|
|
}
|
|
|
|
|
|
-int
|
|
-main (int argc, char **argv)
|
|
+void
|
|
+sign_key (const char *key_fpr, const char *signer_fpr)
|
|
{
|
|
gpgme_ctx_t ctx;
|
|
gpgme_error_t err;
|
|
gpgme_data_t out = NULL;
|
|
- const char *signer_fpr = "A0FF4590BB6122EDEF6E3C542D727CC768697734"; /* Alpha Test */
|
|
gpgme_key_t signing_key = NULL;
|
|
- const char *key_fpr = "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2"; /* Bravo Test */
|
|
gpgme_key_t key = NULL;
|
|
- gpgme_key_t signed_key = NULL;
|
|
- gpgme_user_id_t signed_uid = NULL;
|
|
- gpgme_key_sig_t key_sig = NULL;
|
|
char *agent_info;
|
|
- int mode;
|
|
-
|
|
- (void)argc;
|
|
- (void)argv;
|
|
-
|
|
- init_gpgme (GPGME_PROTOCOL_OpenPGP);
|
|
|
|
err = gpgme_new (&ctx);
|
|
fail_if_err (err);
|
|
|
|
- /* Sign the key */
|
|
agent_info = getenv("GPG_AGENT_INFO");
|
|
if (!(agent_info && strchr (agent_info, ':')))
|
|
gpgme_set_passphrase_cb (ctx, passphrase_cb, 0);
|
|
@@ -159,8 +147,23 @@ main (int argc, char **argv)
|
|
gpgme_data_release (out);
|
|
gpgme_key_unref (key);
|
|
gpgme_key_unref (signing_key);
|
|
+ gpgme_release (ctx);
|
|
+}
|
|
+
|
|
+
|
|
+void
|
|
+verify_key_signature (const char *key_fpr, const char *signer_keyid)
|
|
+{
|
|
+ gpgme_ctx_t ctx;
|
|
+ gpgme_error_t err;
|
|
+ gpgme_key_t signed_key = NULL;
|
|
+ gpgme_user_id_t signed_uid = NULL;
|
|
+ gpgme_key_sig_t key_sig = NULL;
|
|
+ int mode;
|
|
+
|
|
+ err = gpgme_new (&ctx);
|
|
+ fail_if_err (err);
|
|
|
|
- /* Verify the key signature */
|
|
mode = gpgme_get_keylist_mode (ctx);
|
|
mode |= GPGME_KEYLIST_MODE_SIGS;
|
|
err = gpgme_set_keylist_mode (ctx, mode);
|
|
@@ -168,7 +171,7 @@ main (int argc, char **argv)
|
|
err = gpgme_get_key (ctx, key_fpr, &signed_key, 0);
|
|
fail_if_err (err);
|
|
|
|
- signed_uid = key->uids;
|
|
+ signed_uid = signed_key->uids;
|
|
if (!signed_uid)
|
|
{
|
|
fprintf (stderr, "Signed key has no user IDs\n");
|
|
@@ -180,7 +183,7 @@ main (int argc, char **argv)
|
|
exit (1);
|
|
}
|
|
key_sig = signed_uid->signatures->next;
|
|
- if (strcmp ("2D727CC768697734", key_sig->keyid))
|
|
+ if (strcmp (signer_keyid, key_sig->keyid))
|
|
{
|
|
fprintf (stderr, "Unexpected key ID in second user ID sig: %s\n",
|
|
key_sig->keyid);
|
|
@@ -196,6 +199,23 @@ main (int argc, char **argv)
|
|
|
|
gpgme_key_unref (signed_key);
|
|
gpgme_release (ctx);
|
|
+}
|
|
+
|
|
+
|
|
+int
|
|
+main (int argc, char **argv)
|
|
+{
|
|
+ const char *signer_fpr = "A0FF4590BB6122EDEF6E3C542D727CC768697734"; /* Alpha Test */
|
|
+ const char *signer_keyid = signer_fpr + strlen(signer_fpr) - 16;
|
|
+ const char *key_fpr = "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2"; /* Bravo Test */
|
|
+
|
|
+ (void)argc;
|
|
+ (void)argv;
|
|
+
|
|
+ init_gpgme (GPGME_PROTOCOL_OpenPGP);
|
|
+
|
|
+ sign_key (key_fpr, signer_fpr);
|
|
+ verify_key_signature (key_fpr, signer_keyid);
|
|
|
|
return 0;
|
|
}
|
|
--
|
|
2.32.0
|